                                                        CreationClassName  CreationDate               CSCreationClassName   CSName           Description                ExecutablePath                                                                                ExecutionState  Handle  HandleCount  InstallDate  KernelModeTime  MaximumWorkingSetSize  MinimumWorkingSetSize  Name                       OSCreationClassName    OSName                                                             OtherOperationCount  OtherTransferCount  PageFaults  PageFileUsage  ParentProcessId  PeakPageFileUsage  PeakVirtualSize  PeakWorkingSetSize  Priority  PrivatePageCount  ProcessId  QuotaNonPagedPoolUsage  QuotaPagedPoolUsage  QuotaPeakNonPagedPoolUsage  QuotaPeakPagedPoolUsage  ReadOperationCount  ReadTransferCount  SessionId  Status  TerminationDate  ThreadCount  UserModeTime  VirtualSize    WindowsVersion  WorkingSetSize  WriteOperationCount  WriteTransferCount
System Idle Process                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Win32_Process      20170926010903.547849-420  Win32_ComputerSystem  DESKTOP-096M4E5  System Idle Process                                                                                                                      0       0                         348376250000                                                  System Idle Process        Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  0                    0                   8           52             0                52                 65536            8                   0         53248             0          1                       0                    1                           0                        0                   0                  0                                   4            0             65536          10.0.15063      8192            0                    0
System                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Win32_Process      20170926010903.547849-420  Win32_ComputerSystem  DESKTOP-096M4E5  System                                                                                                                                   4       4396                      6197187500                                                    System                     Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  135788               2577983             20722       192            0                204                35700736         27776               8         196608            4          1                       0                    1                           0                        251                 155734605          0                                   189          0             30654464       10.0.15063      24485888        5682                 140747685
smss.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926010903.557428-420  Win32_ComputerSystem  DESKTOP-096M4E5  smss.exe                                                                                                                                 416     52                        2500000                                                       smss.exe                   Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  492                  6246                903         480            4                544                2199051104256    1256                11        491520            416        3                       13                   8                           53                       10                  57529              0                                   3            156250        2199030435840  10.0.15063      1060864         2                    33
csrss.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926010915.911778-420  Win32_ComputerSystem  DESKTOP-096M4E5  csrss.exe                                                                                                                                664     786                       45000000                                                      csrss.exe                  Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  20992                405185              39809       1980           580              2200               2199093108736    6212                13        2027520           664        22                      243                  25                          258                      3741                3289698            0                                   11           24843750      2199091916800  10.0.15063      5931008         0                    0
wininit.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926010916.228309-420  Win32_ComputerSystem  DESKTOP-096M4E5  wininit.exe                                                                                                                              764     139                       1093750                                                       wininit.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  220                  2342                2257        1388           580              1848               2199086829568    6776                13        1421312           764        11                      127                  13                          129                      1                   9728               0                                   2            312500        2199083683840  10.0.15063      5771264         0                    0
csrss.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926010916.238249-420  Win32_ComputerSystem  DESKTOP-096M4E5  csrss.exe                                                                                                                                780     940                       586718750                                                     csrss.exe                  Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  9161                 111286              651378      4728           756              11460              2199137972224    25292               13        4841472           780        25                      282                  26                          298                      335825              8973922            1                                   15           10468750      2199126790144  10.0.15063      6545408         0                    0
winlogon.exe               winlogon.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         Win32_Process      20170926010916.289389-420  Win32_ComputerSystem  DESKTOP-096M4E5  winlogon.exe               C:\WINDOWS\system32\winlogon.exe                                                                              868     224                       5468750         1380                   200                    winlogon.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  507                  174386              13986       2348           756              3440               2199097937920    14152               13        2404352           868        11                      141                  13                          152                      3                   178288             1                                   4            156250        2199092682752  10.0.15063      8785920         1                    160
services.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926010916.334919-420  Win32_ComputerSystem  DESKTOP-096M4E5  services.exe                                                                                                                             916     623                       94687500                                                      services.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  11954                164620              36008       4792           764              6108               2199082708992    10832               9         4907008           916        11                      163                  17                          177                      6                   465292             0                                   7            62500000      2199060189184  10.0.15063      8974336         2                    100792
lsass.exe                  C:\WINDOWS\system32\lsass.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926010916.367592-420  Win32_ComputerSystem  DESKTOP-096M4E5  lsass.exe                  C:\WINDOWS\system32\lsass.exe                                                                                 924     1795                      57812500        1380                   200                    lsass.exe                  Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  14421                1309489             21883       8292           764              8512               2199084326912    16612               9         8491008           924        23                      138                  25                          139                      2645                209284             0                                   8            77812500      2199081697280  10.0.15063      14684160        1867                 486777
fontdrvhost.exe            "fontdrvhost.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926010916.988459-420  Win32_ComputerSystem  DESKTOP-096M4E5  fontdrvhost.exe            C:\WINDOWS\system32\fontdrvhost.exe                                                                           1016    44                        8593750         1380                   200                    fontdrvhost.exe            Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1839                 46144               18496       4628           868              7756               2199339274240    16340               8         4739072           1016       9                       317                  16                          558                      0                   0                  1                                   6            9843750       2199213043712  10.0.15063      6930432         0                    0
fontdrvhost.exe            "fontdrvhost.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926010916.988468-420  Win32_ComputerSystem  DESKTOP-096M4E5  fontdrvhost.exe            C:\WINDOWS\system32\fontdrvhost.exe                                                                           1020    44                        312500          1380                   200                    fontdrvhost.exe            Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  65                   1432                1458        1572           764              1572               2199087312896    4068                8         1609728           1020       7                       91                   7                           91                       0                   0                  0                                   6            312500        2199087312896  10.0.15063      2916352         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010917.012757-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               520     70                        156250          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  13                   110                 1117        924            916              1080               2199049109504    3992                8         946176            520        5                       38                   6                           39                       0                   0                  0                                   2            0             2199047536640  10.0.15063      3555328         0                    0
svchost.exe                C:\WINDOWS\system32\svchost.exe -k DcomLaunch                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926010917.040216-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\system32\svchost.exe                                                                               608     1155                      170000000       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  20229                449780              100093      11236          916              14232              2199144820736    27844               8         11505664          608        22                      519                  27                          525                      37                  3289364            0                                   19           90312500      2199124910080  10.0.15063      25591808        56                   424648
svchost.exe                c:\windows\system32\svchost.exe -k rpcss                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Win32_Process      20170926010917.204108-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               760     1129                      378906250       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6615                 397534              639701      7792           916              7976               2199100203008    14368               8         7979008           760        20                      194                  24                          198                      24                  1708032            0                                   14           645781250     2199093096448  10.0.15063      14622720        0                    0
svchost.exe                c:\windows\system32\svchost.exe -k dcomlaunch -s LSM                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 Win32_Process      20170926010917.245994-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               612     270                       21562500        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  141                  388                 3005        2608           916              22700              2199083991040    6996                8         2670592           612        9                       102                  9                           118                      0                   0                  0                                   6            8750000       2199062007808  10.0.15063      6299648         0                    0
dwm.exe                    "dwm.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010917.367784-420  Win32_ComputerSystem  DESKTOP-096M4E5  dwm.exe                    C:\WINDOWS\system32\dwm.exe                                                                                   1108    782                       1974687500      1380                   200                    dwm.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1012                 62402               2009420     116700         868              134436             2199493701632    132636              13        119500800         1108       44                      627                  54                          643                      1                   60                 1                                   11           5772343750    2199485128704  10.0.15063      113549312       0                    0
svchost.exe                C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926010917.473587-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\system32\svchost.exe                                                                               1184    133                       1562500         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  387                  3558                2197        1376           916              1644               2199065206784    6236                8         1409024           1184       8                       66                   10                          67                       0                   0                  0                                   3            781250        2199062061056  10.0.15063      5685248         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926010917.505038-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1268    170                       8593750         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6462                 330098              12779       2172           916              2428               2199076511744    9692                8         2224128           1268       12                      93                   16                          95                       0                   0                  0                                   2            15000000      2199072317440  10.0.15063      9224192         0                    0
svchost.exe                C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Win32_Process      20170926010917.521039-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\system32\svchost.exe                                                                               1288    539                       120312500       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  22249                7833900             182618      10812          916              14144              2199137796096    23952               8         11071488          1288       35                      143                  40                          146                      1                   116                0                                   15           105468750     2199125229568  10.0.15063      17321984        2                    32928
svchost.exe                c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926010917.523253-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1300    144                       2031250         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  69                   334                 3399        1868           916              2148               2199077113856    10864               8         1912832           1300       10                      110                  10                          112                      0                   0                  0                                   2            1718750       2199073968128  10.0.15063      10608640        0                    0
WUDFHost.exe               "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-284098ba-0abf-463b-9ec9-378a50282170 -SystemEventPortName:HostProcess-86948312-e8ae-4b4f-beda-12dd993ba003 -IoCancelEventPortName:HostProcess-f28d3982-d218-4270-9070-6b48627b3c8d -NonStateChangingEventPortName:HostProcess-8e50cf14-c686-4673-af59-f6091df31e95 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8dc204db-87ef-465d-bff3-f334a98c9c44 -DeviceGroupId:                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926010917.563674-420  Win32_ComputerSystem  DESKTOP-096M4E5  WUDFHost.exe               C:\Windows\System32\WUDFHost.exe                                                                              1384    365                       2343750         1380                   200                    WUDFHost.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  802                  93431               10332       24900          1184             25036              2199141109760    35724               13        25497600          1384       17                      173                  21                          177                      623                 1947090            0                                   15           625000        2199137964032  10.0.15063      11350016        4                    256336
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s Schedule                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               Win32_Process      20170926010917.564072-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1392    404                       32031250        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  4138                 80894               9275        6280           916              7004               2199131762688    15720               8         6430720           1392       20                      296                  24                          303                      3                   1898               0                                   10           15468750      2199118442496  10.0.15063      13062144        30                   1745610
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926010917.596922-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1460    210                       19218750        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  302                  3536                3868        2368           916              2768               2199110762496    10796               8         2424832           1460       12                      156                  13                          162                      8                   10711040           0                                   3            6562500       2199104995328  10.0.15063      10203136        0                    0
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s UserManager                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010917.811741-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1584    192                       14843750        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  103                  1360                3040        1980           916              2280               2199075082240    8700                8         2027520           1584       10                      76                   11                          77                       0                   0                  0                                   5            6875000       2199068794880  10.0.15063      8257536         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k appmodel -s StateRepository                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926010917.863373-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1616    154                       301718750       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3728                 21048               477834      4612           916              8064               2199083794432    15340               8         4722688           1616       10                      80                   11                          81                       8485                34251064           0                                   8            1545625000    2199080624128  10.0.15063      12410880        0                    0
svchost.exe                c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         Win32_Process      20170926010918.010303-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1716    384                       21406250        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  9676                 844480              25364       12252          916              17944              2199097237504    20296               8         12546048          1716       15                      86                   16                          99                       801                 23976448           0                                   7            10312500      2199084707840  10.0.15063      12001280        2013                 27692920
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s Themes                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 Win32_Process      20170926010918.070504-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1760    262                       2656250         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  37                   110                 2079        1280           916              1404               2199067000832    5984                8         1310720           1760       8                       80                   8                           81                       0                   0                  0                                   3            625000        2199065100288  10.0.15063      5488640         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k localservice -s EventSystem                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926010918.075662-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1768    156                       1718750         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  53                   614                 3144        1988           916              2240               2199076376576    7944                8         2035712           1768       9                       81                   10                          81                       34                  714                0                                   5            2656250       2199071125504  10.0.15063      7790592         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s SENS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   Win32_Process      20170926010918.220097-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1896    192                       5000000         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1985                 91954               7494        2168           916              2564               2199081218048    9388                8         2220032           1896       15                      93                   16                          94                       1944                39096              0                                   2            1562500       2199075434496  10.0.15063      9068544         0                    0
igfxCUIService.exe         C:\WINDOWS\system32\igfxCUIService.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               Win32_Process      20170926010918.297788-420  Win32_ComputerSystem  DESKTOP-096M4E5  igfxCUIService.exe         C:\WINDOWS\system32\igfxCUIService.exe                                                                        1936    179                       625000          1380                   200                    igfxCUIService.exe         Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  207                  1750                2648        1908           916              2088               56524800         9100                8         1953792           1936       10                      93                   12                          93                       76                  28984              0                                   5            468750        51281920       10.0.15063      7913472         5                    180
svchost.exe                c:\windows\system32\svchost.exe -k localservice -s nsi                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               Win32_Process      20170926010918.327803-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1984    136                       20312500        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  2653                 103438              37728       5832           916              5996               2199077953536    9620                8         5971968           1984       31                      65                   33                          65                       0                   0                  0                                   4            29218750      2199067467776  10.0.15063      6438912         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926010918.344621-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2012    156                       2187500         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  946                  24170               2374        1788           916              2056               2199075368960    8108                8         1830912           2012       10                      84                   13                          85                       0                   0                  0                                   4            781250        2199071174656  10.0.15063      7172096         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k localservice -s FontCache                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         Win32_Process      20170926010918.347657-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2020    124                       5781250         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  4473                 173224              23748       1688           916              4508               2199157932032    12260               8         1728512           2020       10                      127                  12                          243                      0                   0                  0                                   4            4687500       2199099248640  10.0.15063      8011776         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Win32_Process      20170926010918.398701-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1276    199                       52656250        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6348                 397770              12134       2304           916              3480               2199078694912    7800                8         2359296           1276       10                      85                   27                          85                       0                   0                  0                                   7            26875000      2199068209152  10.0.15063      7471104         0                    0
svchost.exe                C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926010918.516045-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\System32\svchost.exe                                                                               2084    301                       12187500        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  920                  12828               7495        3188           916              3388               2199089725440    12076               8         3264512           2084       14                      119                  15                          119                      0                   0                  0                                   8            9843750       2199087554560  10.0.15063      11771904        0                    0
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926010918.563253-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2120    382                       45625000        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  376                  11378               97666       6532           916              8760               2199107026944    16960               8         6688768           2120       16                      108                  17                          112                      1064                8477028            0                                   16           109062500     2199100264448  10.0.15063      14331904        25                   651020
svchost.exe                c:\windows\system32\svchost.exe -k networkservice -s NlaSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Win32_Process      20170926010918.575169-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2140    348                       150625000       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  152581               10628422            93359       4472           916              5900               2199100424192    12596               8         4579328           2140       16                      107                  25                          116                      12                  1392               0                                   7            54843750      2199081390080  10.0.15063      11599872        12                   1920
svchost.exe                C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926010918.601451-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\System32\svchost.exe                                                                               2180    116                       3593750         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1510                 171722              2347        1584           916              1876               2199064756224    6324                8         1622016           2180       11                      70                   12                          70                       0                   0                  0                                   4            1093750       2199062659072  10.0.15063      5976064         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k networkservice -s Dnscache                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926010918.602398-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2188    219                       115000000       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  112899               4623177             45937       3432           916              3936               2199084707840    8788                8         3514368           2188       15                      92                   35                          96                       12                  5238               0                                   12           38125000      2199081562112  10.0.15063      8241152         0                    0
svchost.exe                C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926010918.611253-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\system32\svchost.exe                                                                               2200    382                       12500000        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  7006                 564888              13571       3196           916              3696               2199097098240    11972               8         3272704           2200       18                      135                  22                          136                      0                   0                  0                                   12           11718750      2199092379648  10.0.15063      10510336        0                    0
svchost.exe                c:\windows\system32\svchost.exe -k localservice -s netprofm                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Win32_Process      20170926010918.712860-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2336    399                       78281250        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  73571                5298646             42929       3296           916              3584               2199090225152    9488                8         3375104           2336       12                      118                  19                          118                      0                   0                  0                                   14           99375000      2199086006272  10.0.15063      9093120         0                    0
svchost.exe                C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926010918.735816-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\system32\svchost.exe                                                                               2388    451                       27187500        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3367                 1102888             16748       5404           916              5892               2199136817152    16396               8         5533696           2388       21                      184                  23                          193                      554                 217382             0                                   9            37343750      2199129317376  10.0.15063      13795328        1                    160
AsLdrSrv.exe               "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926010918.795489-420  Win32_ComputerSystem  DESKTOP-096M4E5  AsLdrSrv.exe               C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe                                               2464    100                       937500          1380                   200                    AsLdrSrv.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  75                   544                 1725        1276           916              1520               39165952         5608                8         1306624           2464       9                       62                   11                          62                       0                   0                  0                                   4            0             35233792       10.0.15063      5103616         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926010918.802654-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2472    242                       7343750         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3670                 894882              4954        2864           916              3076               2199117103104    13312               8         2932736           2472       15                      173                  18                          176                      1                   0                  0                                   8            2968750       2199113957376  10.0.15063      13160448        0                    0
GFNEXSrv.exe               "C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926010918.845535-420  Win32_ComputerSystem  DESKTOP-096M4E5  GFNEXSrv.exe               C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe                                                 2504    71                        156250          1380                   200                    GFNEXSrv.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  15                   978                 1069        892            916              1028               21635072         3544                8         913408            2504       6                       30                   7                           30                       0                   0                  0                                   4            156250        19013632       10.0.15063      3055616         0                    0
spoolsv.exe                C:\WINDOWS\System32\spoolsv.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926010918.928500-420  Win32_ComputerSystem  DESKTOP-096M4E5  spoolsv.exe                C:\WINDOWS\System32\spoolsv.exe                                                                               2576    512                       77968750        1380                   200                    spoolsv.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  11785                656576              38641       7948           916              8316               2199106244608    16436               8         8138752           2576       24                      159                  25                          164                      1434                4515789            0                                   20           36250000      2199101222912  10.0.15063      14655488        143                  4567667
svchost.exe                c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               Win32_Process      20170926010919.048222-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2704    166                       6562500         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  9296                 183266              4547        1972           916              2156               2199078400000    8224                8         2019328           2704       11                      93                   16                          97                       1595                74544              0                                   5            2187500       2199075774464  10.0.15063      7368704         1435                 140240
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010919.490376-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2840    172                       625000          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  109                  1942                2135        1660           916              1840               2199075975168    7028                8         1699840           2840       9                       86                   10                          87                       0                   0                  0                                   5            312500        2199072305152  10.0.15063      6365184         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k networkservice -s CryptSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926010919.495721-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2848    250                       13125000        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  7939                 497612              6129        3716           916              5332               2199132155904    14644               8         3805184           2848       27                      128                  29                          133                      1712                3205174            0                                   6            3281250       2199129010176  10.0.15063      12439552        78                   4348181
armsvc.exe                 "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926010919.499637-420  Win32_ComputerSystem  DESKTOP-096M4E5  armsvc.exe                 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe                                                  2856    140                       0               1380                   200                    armsvc.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  40                   518                 1958        1372           916              1596               65208320         6752                8         1404928           2856       9                       115                  10                          115                      0                   0                  0                                   3            312500        61276160       10.0.15063      5963776         0                    0
AsusWSWinService.exe       "C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSWinService.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926010919.499834-420  Win32_ComputerSystem  DESKTOP-096M4E5  AsusWSWinService.exe       C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSWinService.exe                                         2864    239                       2968750         1380                   200                    AsusWSWinService.exe       Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  594                  10758               15152       14088          916              15164              160935936        27080               8         14426112          2864       24                      211                  28                          211                      35                  126497             0                                   5            13125000      147304448      10.0.15063      15876096        0                    0
svchost.exe                C:\WINDOWS\System32\svchost.exe -k utcsvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010919.502936-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\System32\svchost.exe                                                                               2872    591                       125312500       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  58552                1340105             130625      9524           916              11904              2199177023488    30344               8         9752576           2872       24                      271                  58                          281                      7607                58099178           0                                   14           93281250      2199169183744  10.0.15063      20037632        828                  13944919
svchost.exe                c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926010919.505300-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2880    324                       68281250        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  32378                17496036            245215      20712          916              110472             2199223160832    102324              8         21209088          2880       23                      137                  32                          167                      1534                104686940          0                                   16           123437500     2199160877056  10.0.15063      23068672        1541                 8570678
esif_uf.exe                C:\WINDOWS\SysWOW64\esif_uf.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926010919.515770-420  Win32_ComputerSystem  DESKTOP-096M4E5  esif_uf.exe                C:\WINDOWS\SysWOW64\esif_uf.exe                                                                               2896    148                       468750          1380                   200                    esif_uf.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  249                  1424                2160        1892           916              1992               74715136         7136                13        1937408           2896       9                       128                  10                          130                      0                   0                  0                                   5            625000        70742016       10.0.15063      6340608         8                    1028768
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 Win32_Process      20170926010919.520170-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2904    215                       40625000        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  54913                3157358             34460       2520           916              2848               2199074529280    8056                8         2580480           2904       13                      83                   16                          83                       0                   0                  0                                   5            14843750      2199070334976  10.0.15063      6381568         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               Win32_Process      20170926010919.579762-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2972    165                       34375000        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  31757                1872004             32122       1896           916              2496               2199077425152    7416                8         1941504           2972       10                      82                   15                          82                       0                   0                  0                                   4            12656250      2199070085120  10.0.15063      6864896         0                    0
mfevtps.exe                "C:\Windows\system32\mfevtps.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926010919.622404-420  Win32_ComputerSystem  DESKTOP-096M4E5  mfevtps.exe                C:\Windows\system32\mfevtps.exe                                                                               3048    118                       625000          1380                   200                    mfevtps.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  163                  2858                2357        1812           916              2404               49242112         7276                8         1855488           3048       9                       77                   10                          83                       1                   217680             0                                   4            312500        43999232       10.0.15063      5656576         0                    0
mfemms.exe                 "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926010919.630415-420  Win32_ComputerSystem  DESKTOP-096M4E5  mfemms.exe                 C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe                                                    3060    164                       8593750         1380                   200                    mfemms.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  7001                 254854              4302        2184           916              3120               56881152         8732                8         2236416           3060       11                      90                   14                          97                       2001                1274956            0                                   9            2500000       51376128       10.0.15063      6520832         1190                 77494
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926010919.638189-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               1652    206                       5937500         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  15241                276039              3441        2460           916              2732               2199080300544    9572                8         2519040           1652       16                      95                   20                          95                       1635                112232             0                                   6            2343750       2199076081664  10.0.15063      8417280         1132                 256832
svchost.exe                c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010919.643562-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2248    192                       14843750        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  5991                 124905              13411       3608           916              4444               2199088402432    9860                8         3694592           2248       11                      80                   16                          103                      4                   149802             0                                   8            3125000       2199074336768  10.0.15063      8032256         4                    78778
PEFService.exe             "C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               Win32_Process      20170926010919.654963-420  Win32_ComputerSystem  DESKTOP-096M4E5  PEFService.exe             C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe                                          652     159                       625000          1380                   200                    PEFService.exe             Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  111                  3090                2332        1648           916              1756               78262272         7896                8         1687552           652        9                       138                  10                          139                      4                   2323               0                                   4            156250        75116544       10.0.15063      6696960         0                    0
SecurityHealthService.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926010919.698647-420  Win32_ComputerSystem  DESKTOP-096M4E5  SecurityHealthService.exe                                                                                                                3100    324                       14687500                                                      SecurityHealthService.exe  Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  690                  21520               15713       4972           916              5288               2199102664704    15600               8         5091328           3100       15                      153                  17                          161                      146                 18505580           0                                   5            16406250      2199099207680  10.0.15063      12107776        92                   9544
svchost.exe                C:\WINDOWS\system32\svchost.exe -k imgsvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010919.709987-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\system32\svchost.exe                                                                               3128    204                       2500000         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  503                  87132               3491        2640           916              2720               2199086170112    9284                8         2703360           3128       12                      106                  13                          109                      0                   0                  0                                   8            1250000       2199084072960  10.0.15063      8962048         360                  51025
svchost.exe                c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926010919.721440-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               3140    216                       583593750       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  115372               15137324            367494      57276          916              79648              2203444555776    86360               8         58650624          3140       16                      101                  20                          102                      43                  33650349           0                                   6            1337031250    2203423580160  10.0.15063      65617920        712                  40420817
TeamViewer_Service.exe     "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926010919.751225-420  Win32_ComputerSystem  DESKTOP-096M4E5  TeamViewer_Service.exe     C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe                                                      3164    333                       2968750         1380                   200                    TeamViewer_Service.exe     Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  2288                 249466              6558        5124           916              5980               114946048        17756               8         5246976           3164       22                      183                  25                          191                      3                   524554             0                                   16           1718750       110227456      10.0.15063      11898880        78                   1982900
svchost.exe                c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926010919.764890-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               3184    260                       115625000       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3323                 65088               101944      5300           916              6624               2199156518912    20004               8         5427200           3184       30                      164                  39                          172                      136                 8953856            0                                   11           195937500     2199153074176  10.0.15063      18735104        619                  2156440
svchost.exe                c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010919.778873-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               3204    109                       625000          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  141                  3490                1696        1240           916              1404               2199063851008    5820                8         1269760           3204       8                       67                   9                           70                       44                  22528              0                                   3            0             2199061004288  10.0.15063      5328896         0                    0
MsMpEng.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926010919.780024-420  Win32_ComputerSystem  DESKTOP-096M4E5  MsMpEng.exe                                                                                                                              3212    735                       848750000                                                     MsMpEng.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  884041               55842538            1804895     134984         916              547828             2199881437184    438716              8         138223616         3212       73                      565                  146                         973                      19843               660866331          0                                   26           3368125000    2199491391488  10.0.15063      88662016        1582                 231248927
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s WpnService                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Win32_Process      20170926010919.807158-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               3240    382                       22968750        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  11410                679974              16033       5160           916              5944               2199130173440    21352               8         5283840           3240       20                      185                  24                          200                      5286                2346993            0                                   8            23125000      2199118790656  10.0.15063      20533248        39                   78440
svchost.exe                c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926010920.248228-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               3588    90                        156250          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  4717                 411598              1668        1288           916              1464               2199063416832    5656                8         1318912           3588       8                       65                   8                           65                       0                   0                  0                                   3            625000        2199061319680  10.0.15063      5066752         0                    0
Memory Compression                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926010920.283173-420  Win32_ComputerSystem  DESKTOP-096M4E5  Memory Compression                                                                                                                       3620    0                         985781250                                                     Memory Compression         Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  0                    0                   794568      820            4                824                402653184        142124              8         839680            3620       0                       5                    0                           5                        0                   0                  0                                   86           0             390070272      10.0.15063      59592704        0                    0
mfevtps.exe                "C:\Windows\system32\mfevtps.exe" -mms                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               Win32_Process      20170926010920.330100-420  Win32_ComputerSystem  DESKTOP-096M4E5  mfevtps.exe                C:\Windows\system32\mfevtps.exe                                                                               3720    165                       14843750        1380                   200                    mfevtps.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  9176                 184434              17105       2648           3060             5116               63533056         12180               8         2711552           3720       12                      100                  12                          110                      446                 17764042           0                                   6            8593750       59621376       10.0.15063      7405568         164                  7110
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               Win32_Process      20170926010920.397685-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               3872    619                       61875000        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  65440                5142594             68056       6168           916              9160               2199169036288    22248               8         6316032           3872       27                      232                  36                          258                      7203                218382             0                                   12           82031250      2199141220352  10.0.15063      17416192        175                  14120
svchost.exe                c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Win32_Process      20170926010920.622584-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               4020    116                       156250          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  81                   1122                1830        1340           916              1488               2199064084480    6168                8         1372160           4020       8                       68                   9                           69                       0                   0                  0                                   2            0             2199061221376  10.0.15063      5656576         0                    0
SearchIndexer.exe          C:\WINDOWS\system32\SearchIndexer.exe /Embedding                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926010921.986022-420  Win32_ComputerSystem  DESKTOP-096M4E5  SearchIndexer.exe          C:\WINDOWS\system32\SearchIndexer.exe                                                                         4388    687                       67343750        1380                   200                    SearchIndexer.exe          Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  122797               8829764             83104       30748          916              43624              2199263543296    43560               8         31485952          4388       71                      271                  90                          274                      4309                9952794            0                                   21           79531250      2199248142336  10.0.15063      34865152        2430                 5006174
mfefire.exe                "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" -mms                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Win32_Process      20170926010927.105884-420  Win32_ComputerSystem  DESKTOP-096M4E5  mfefire.exe                C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe                                                   4792    181                       56250000        1380                   200                    mfefire.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  64777                3798296             29208       2980           3060             3252               65220608         10152               8         3051520           4792       15                      106                  20                          115                      113                 308076             0                                   8            14687500      59154432       10.0.15063      8015872         83                   364
svchost.exe                c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926010927.198552-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               4812    137                       122812500       1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  103723               4709046             70177       1732           916              2964               2199061655552    8760                8         1773568           4812       11                      59                   13                          61                       0                   0                  0                                   4            40156250      2199059558400  10.0.15063      6418432         0                    0
McSvHost.exe               "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe" /mccoresvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926010929.151927-420  Win32_ComputerSystem  DESKTOP-096M4E5  McSvHost.exe               c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe                                          5028    1360                      172500000       1380                   200                    McSvHost.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  86791                5930908             140071      30988          916              31272              308199424        40224               8         31731712          5028       52                      378                  70                          397                      10894               76150596           0                                   90           166406250     299065344      10.0.15063      18583552        1814                 1260647
NisSrv.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926010942.140725-420  Win32_ComputerSystem  DESKTOP-096M4E5  NisSrv.exe                                                                                                                               5188    293                       28906250                                                      NisSrv.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  22996                7256392             120765      11904          916              46160              2199129796608    38952               8         12189696          5188       25                      112                  196                         112                      28                  11010860           0                                   12           123281250     2199094796288  10.0.15063      8638464         3445                 132294
svchost.exe                c:\windows\system32\svchost.exe -k localservice -s CDPSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010944.842147-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               5324    301                       4687500         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  949                  74334               8153        5236           916              5552               2199133892608    17484               8         5361664           5324       20                      169                  23                          169                      12                  2652               0                                   21           4218750       2199127080960  10.0.15063      16396288        0                    0
mfefire.exe                "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926010954.987497-420  Win32_ComputerSystem  DESKTOP-096M4E5  mfefire.exe                C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe                                                   5884    117                       312500          1380                   200                    mfefire.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  157                  2864                2415        1720           916              2448               48467968         7792                8         1761280           5884       9                       79                   9                           86                       2                   435360             0                                   4            781250        45101056       10.0.15063      5857280         0                    0
mcsacore.exe               "C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Win32_Process      20170926010955.138422-420  Win32_ComputerSystem  DESKTOP-096M4E5  mcsacore.exe               C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe                                                        5924    537                       146250000       4608                   3072                   mcsacore.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  23173                423409              79851       12716          916              14344              176295936        22552               8         13021184          5924       32                      228                  35                          239                      2607                13627270           0                                   46           29375000      167948288      10.0.15063      9891840         78                   41335
McAPExe.exe                "C:\Program Files\McAfee\MSC\McAPExe.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926010955.240811-420  Win32_ComputerSystem  DESKTOP-096M4E5  McAPExe.exe                C:\Program Files\McAfee\MSC\McAPExe.exe                                                                       5972    193                       3281250         1380                   200                    McAPExe.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  342                  4080                5205        3116           916              4456               98996224         12660               8         3190784           5972       13                      160                  15                          171                      18                  2676886            0                                   9            937500        88432640       10.0.15063      9019392         2                    8
mcshield.exe               "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926010955.363614-420  Win32_ComputerSystem  DESKTOP-096M4E5  mcshield.exe               C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe                                                      6012    560                       125312500       1380                   200                    mcshield.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  96798                12773878            523106      135032         3060             138196             309411840        141356              8         138272768         6012       28                      201                  56                          209                      9749                265278801          0                                   49           183593750     299905024      10.0.15063      19677184        93                   1100
HControl.exe               "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926011114.140771-420  Win32_ComputerSystem  DESKTOP-096M4E5  HControl.exe               C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe                                               1216    216                       937500          1380                   200                    HControl.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  177                  15138               2755        1920           2464             2160               102830080        10052               8         1966080           1216       13                      182                  15                          187                      0                   0                  1                                   4            937500        97648640       10.0.15063      9064448         0                    0
saUI.exe                   "C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe" -userServiceMode                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926011114.575154-420  Win32_ComputerSystem  DESKTOP-096M4E5  saUI.exe                   C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe                                                            1820    331                       11406250        1380                   200                    saUI.exe                   Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  8671                 284734              24440       8492           5924             18244              221732864        47184               8         8695808           1820       20                      315                  36                          388                      24                  348317             1                                   2            10000000      172118016      10.0.15063      6467584         1                    2
sihost.exe                 sihost.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926011114.808626-420  Win32_ComputerSystem  DESKTOP-096M4E5  sihost.exe                 c:\windows\system32\sihost.exe                                                                                2228    802                       125000000       1380                   200                    sihost.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  10873                338776              31213       9416           1584             9700               2199195406336    34764               8         9641984           2228       21                      310                  24                          332                      76                  7206480            1                                   9            88281250      2199186657280  10.0.15063      33206272        1                    160
svchost.exe                c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926011114.810546-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2272    195                       1406250         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  181                  3228                4185        3296           916              3752               2199122857984    13532               8         3375104           2272       13                      161                  16                          163                      2                   1527               1                                   8            781250        2199114985472  10.0.15063      12513280        0                    0
svchost.exe                c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926011114.863244-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2720    401                       43750000        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  9443                 660656              61264       6912           916              8508               2199209205760    31040               8         7077888           2720       21                      298                  31                          326                      205                 665931             1                                   10           86250000      2199181099008  10.0.15063      29933568        3772                 7920119
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926011114.936814-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               2944    248                       12656250        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  9407                 352726              16202       3160           916              3660               2199119147008    19272               8         3235840           2944       14                      140                  15                          178                      0                   0                  0                                   5            16875000      2199097581568  10.0.15063      14548992        0                    0
taskhostw.exe              taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 Win32_Process      20170926011116.483568-420  Win32_ComputerSystem  DESKTOP-096M4E5  taskhostw.exe              c:\windows\system32\taskhostw.exe                                                                             6032    721                       91093750        1380                   200                    taskhostw.exe              Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  20006                143874              22403       9508           1392             11272              2199189839872    24652               8         9736192           6032       37                      222                  46                          236                      121                 5593704            1                                   15           75468750      2199183114240  10.0.15063      22409216        962                  22110208
USBChargerPlus.exe         "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926011116.509319-420  Win32_ComputerSystem  DESKTOP-096M4E5  USBChargerPlus.exe         C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe                                                 5040    155                       8750000         1380                   200                    USBChargerPlus.exe         Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  670                  66676               11492       1952           1392             2164               125681664        7868                6         1998848           5040       12                      230                  14                          233                      2                   2                  1                                   3            1718750       121810944      10.0.15063      839680          12                   625
igfxEM.exe                 igfxEM.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926011116.573599-420  Win32_ComputerSystem  DESKTOP-096M4E5  igfxEM.exe                 C:\WINDOWS\system32\igfxEM.exe                                                                                5812    204                       5468750         1380                   200                    igfxEM.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1121                 21298               5337        3524           2768             4732               122613760        13412               8         3608576           5812       14                      210                  15                          217                      0                   0                  1                                   5            937500        116236288      10.0.15063      11661312        7                    52844
igfxHK.exe                 igfxHK.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926011116.918028-420  Win32_ComputerSystem  DESKTOP-096M4E5  igfxHK.exe                 C:\WINDOWS\system32\igfxHK.exe                                                                                1672    127                       1250000         1380                   200                    igfxHK.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  149                  172                 3735        2324           2768             2500               74485760         9844                8         2379776           1672       10                      120                  11                          129                      0                   0                  1                                   3            937500        67993600       10.0.15063      8400896         0                    0
ACMON.exe                  "C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926011116.969102-420  Win32_ComputerSystem  DESKTOP-096M4E5  ACMON.exe                  C:\Program Files (x86)\ASUS\Splendid\ACMON.exe                                                                2928    180                       3437500         1380                   200                    ACMON.exe                  Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  341                  4578                9099        2276           1392             2476               100478976        7976                6         2330624           2928       15                      183                  16                          186                      247                 125624             1                                   2            625000        96550912       10.0.15063      61440           10                   10
igfxTray.exe               igfxTray.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         Win32_Process      20170926011117.139371-420  Win32_ComputerSystem  DESKTOP-096M4E5  igfxTray.exe               C:\WINDOWS\system32\igfxTray.exe                                                                              5460    173                       49687500        1380                   200                    igfxTray.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  9990                 289456              15145       3160           2768             4632               114573312        11824               8         3235840           5460       12                      196                  13                          198                      0                   0                  1                                   3            7500000       108273664      10.0.15063      11415552        0                    0
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s Appinfo                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926011117.196210-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               6168    129                       1875000         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  919                  19234               2288        1384           916              1608               2199069315072    6548                8         1417216           6168       8                       67                   11                          76                       0                   0                  0                                   3            312500        2199062249472  10.0.15063      6217728         0                    0
DMedia.exe                 "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926011118.983851-420  Win32_ComputerSystem  DESKTOP-096M4E5  DMedia.exe                 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe                                                  6664    157                       312500          1380                   200                    DMedia.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  78                   208                 2344        1536           3276             1616               89387008         8324                8         1572864           6664       11                      167                  12                          171                      0                   0                  1                                   2            312500        87330816       10.0.15063      7647232         0                    0
ATKOSD2.exe                "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926011118.983895-420  Win32_ComputerSystem  DESKTOP-096M4E5  ATKOSD2.exe                C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe                                                   6672    163                       937500          1380                   200                    ATKOSD2.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  116                  186                 2791        1912           3236             1992               116973568        9424                8         1957888           6672       13                      217                  13                          219                      5                   309652             1                                   3            625000        115593216      10.0.15063      8425472         0                    0
RuntimeBroker.exe          C:\Windows\System32\RuntimeBroker.exe -Embedding                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926011125.239253-420  Win32_ComputerSystem  DESKTOP-096M4E5  RuntimeBroker.exe          C:\Windows\System32\RuntimeBroker.exe                                                                         316     657                       721093750       1380                   200                    RuntimeBroker.exe          Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  122811               20410854            178740      22468          608              31276              2199463641088    61720               8         23007232          316        36                      445                  77                          885                      2220169             154085007          1                                   9            467968750     2199257468928  10.0.15063      46878720        145                  8266
svchost.exe                c:\windows\system32\svchost.exe -k localservice -s LicenseManager                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926011132.651587-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               7344    154                       2187500         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  359                  27014               5969        2088           916              2728               2199086551040    10804               8         2138112           7344       11                      93                   13                          93                       0                   0                  0                                   4            4687500       2199075540992  10.0.15063      10350592        0                    0
SkypeHost.exe              "C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926011133.085082-420  Win32_ComputerSystem  DESKTOP-096M4E5  SkypeHost.exe              C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe                  7420    289                       1093750         1380                   200                    SkypeHost.exe              Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  432                  3832                5439        4780           608              4780               145047552        17800               8         4894720           7420       14                      259                  15                          259                      9                   170204             1                                   11           1093750       145047552      10.0.15063      8970240         2                    8198
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s BITS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   Win32_Process      20170926011136.160343-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               7892    467                       32187500        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  37973                2475919             28816       10220          916              11192              2199176060928    21176               8         10465280          7892       29                      188                  35                          199                      1146                6049422            0                                   14           14062500      2199165526016  10.0.15063      18747392        45                   591218
svchost.exe                c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         Win32_Process      20170926011136.748491-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               7944    255                       52968750        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  58138                2941855             38626       2996           916              3448               2199086108672    9488                8         3067904           7944       17                      99                   38                          99                       0                   0                  0                                   11           25156250      2199078768640  10.0.15063      8622080         0                    0
RAVBg64.exe                "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926011147.023434-420  Win32_ComputerSystem  DESKTOP-096M4E5  RAVBg64.exe                C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe                                                                4764    289                       3437500         1380                   200                    RAVBg64.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  880                  11036               12026       6088           1392             6236               136822784        13160               6         6234112           4764       15                      237                  17                          248                      0                   0                  1                                   5            625000        127381504      10.0.15063      163840          0                    0
RAVCpl64.exe               "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 Win32_Process      20170926011147.125057-420  Win32_ComputerSystem  DESKTOP-096M4E5  RAVCpl64.exe               C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe                                                               6656    338                       6562500         1380                   200                    RAVCpl64.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3326                 22082               14051       4208           1392             5780               152535040        13136               6         4308992           6656       15                      255                  17                          281                      0                   0                  1                                   8            781250        136212480      10.0.15063      204800          0                    0
dllhost.exe                C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926011149.518314-420  Win32_ComputerSystem  DESKTOP-096M4E5  dllhost.exe                C:\WINDOWS\system32\DllHost.exe                                                                               4356    204                       7968750         1380                   200                    dllhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6245                 110502              6983        4956           608              6044               2199145914368    12084               8         5074944           4356       20                      141                  34                          144                      244                 15097143           1                                   5            2031250       2199140442112  10.0.15063      10584064        220                  2711552
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s DoSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Win32_Process      20170926011156.213685-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               8308    358                       57812500        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  21275                1335803             14939       4704           916              6380               2199129792512    16740               8         4816896           8308       18                      141                  61                          170                      1                   5042               0                                   12           47031250      2199104626688  10.0.15063      15384576        2                    356112
svchost.exe                c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926011206.262601-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               8596    163                       5000000         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3811                 529512              5937        2048           916              6728               2199102287872    13820               8         2097152           8596       11                      98                   13                          138                      48                  17838              0                                   2            1093750       2199080046592  10.0.15063      8908800         5                    18381
MSASCuiL.exe               "C:\Program Files\Windows Defender\MSASCuiL.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926011207.139890-420  Win32_ComputerSystem  DESKTOP-096M4E5  MSASCuiL.exe               C:\Program Files\Windows Defender\MSASCuiL.exe                                                                7192    144                       1093750         1380                   200                    MSASCuiL.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  84                   546                 2823        1944           5984             2064               2199119265792    9956                8         1990656           7192       10                      178                  11                          182                      0                   0                  1                                   2            468750        2199116636160  10.0.15063      9011200         0                    0
OneDrive.exe               "C:\Users\ASUSUSER\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926011208.311131-420  Win32_ComputerSystem  DESKTOP-096M4E5  OneDrive.exe               C:\Users\ASUSUSER\AppData\Local\Microsoft\OneDrive\OneDrive.exe                                               1156    634                       66093750        1380                   200                    OneDrive.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  17036                571796              27821       21404          5984             33452              389279744        81468               8         21917696          1156       47                      561                  91                          599                      240                 489969             1                                   15           89062500      349036544      10.0.15063      8216576         2326                 1120694
SSScheduler.exe            "C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926011209.627007-420  Win32_ComputerSystem  DESKTOP-096M4E5  SSScheduler.exe            C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe                                                9244    112                       1093750         1380                   200                    SSScheduler.exe            Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  592                  240                 1960        1388           5984             1456               85479424         6172                8         1421312           9244       8                       154                  8                           154                      270                 251650             1                                   2            156250        82329600       10.0.15063      5525504         1                    3
jusched.exe                "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   Win32_Process      20170926011211.109413-420  Win32_ComputerSystem  DESKTOP-096M4E5  jusched.exe                C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe                                              9328    230                       1093750         1380                   200                    jusched.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  361                  3624                3625        2108           8724             2568               121708544        12980               8         2158592           9328       13                      207                  15                          215                      7                   2577               1                                   2            781250        108658688      10.0.15063      11309056        4                    957
McUICnt.exe                C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui /runkey                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926011215.995270-420  Win32_ComputerSystem  DESKTOP-096M4E5  McUICnt.exe                C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe                                                              9404    710                       49062500        1380                   200                    McUICnt.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  17707                236704              125768      13636          1392             15192              262737920        28748               8         13963264          9404       40                      374                  42                          398                      1878                18140097           1                                   42           25312500      244359168      10.0.15063      6275072         16                   5194
svchost.exe                c:\windows\system32\svchost.exe -k unistacksvcgroup                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Win32_Process      20170926011243.705515-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               6284    636                       28906250        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  15544                1169470             26898       8972           916              13484              2199253393408    35652               8         9187328           6284       32                      255                  43                          270                      784                 17110378           1                                   7            38125000      2199234134016  10.0.15063      15691776        944                  3273079
McCSPServiceHost.exe       "C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926011302.488467-420  Win32_ComputerSystem  DESKTOP-096M4E5  McCSPServiceHost.exe       C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe                                       7652    372                       55156250        1380                   200                    McCSPServiceHost.exe       Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  38547                895565              21507       5740           916              6236               118198272        19244               8         5877760           7652       20                      197                  24                          205                      62334               63222415           0                                   16           25625000      113303552      10.0.15063      17825792        1623                 715422
jhi_service.exe            "C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926011302.929380-420  Win32_ComputerSystem  DESKTOP-096M4E5  jhi_service.exe            C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe                                               5512    123                       468750          1380                   200                    jhi_service.exe            Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  78                   510                 1831        1300           916              1584               43102208         6488                8         1331200           5512       10                      71                   11                          71                       0                   0                  0                                   3            156250        37859328       10.0.15063      5697536         0                    0
ModuleCoreService.exe      "c:\program files\common files\mcafee\modulecore\modulecoreservice.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926011306.602539-420  Win32_ComputerSystem  DESKTOP-096M4E5  ModuleCoreService.exe      c:\program files\common files\mcafee\modulecore\modulecoreservice.exe                                         9420    287                       3281250         1380                   200                    ModuleCoreService.exe      Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  526                  4388                6360        4604           916              5884               131571712        16536               8         4714496           9420       19                      167                  28                          181                      131                 1409645            0                                   33           625000        121999360      10.0.15063      13815808        178                  247436
svchost.exe                c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926011340.767411-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               6732    185                       5937500         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  555                  3898                4334        2520           916              3256               2199089410048    10396               8         2580480           6732       12                      96                   14                          101                      1                   116                0                                   6            3437500       2199079505920  10.0.15063      9482240         1                    160
esif_assist_64.exe         "C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926011414.980279-420  Win32_ComputerSystem  DESKTOP-096M4E5  esif_assist_64.exe         C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe                                                                       7772    99                        211093750       1380                   200                    esif_assist_64.exe         Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  23                   126                 1481        1408           2896             1424               83734528         5156                8         1441792           7772       7                       151                  8                           151                      2                   4005               1                                   4            34687500      81637376       10.0.15063      4722688         522                  522920
svchost.exe                c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926011501.042453-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               8860    190                       60000000        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  15140                72026               67126       2304           916              2868               2199117398016    11224               8         2359296           8860       12                      164                  14                          167                      4                   480                0                                   2            22656250      2199110852608  10.0.15063      10268672        4                    376
FIRSTRUN.EXE               "C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe" /OEMTA silent                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926011517.995719-420  Win32_ComputerSystem  DESKTOP-096M4E5  FIRSTRUN.EXE               C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe                                                 1036    613                       17968750        1380                   200                    FIRSTRUN.EXE               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  14221                425545              29488       15400          1392             15940              396603392        29816               6         15769600          1036       30                      603                  35                          669                      3                   24984              1                                   19           11562500      368455680      10.0.15063      1818624         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926011518.078222-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               9220    815                       88437500        1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  27185                1480866             333204      16424          916              121200             2199419576320    187352              8         16818176          9220       49                      337                  165                         631                      583                 13440226           0                                   19           69375000      2199253131264  10.0.15063      15806464        238                  2619872
AsusWSPanel.exe            /S                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   Win32_Process      20170926011710.589440-420  Win32_ComputerSystem  DESKTOP-096M4E5  AsusWSPanel.exe            C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSPanel.exe                                              6776    744                       122656250       1380                   200                    AsusWSPanel.exe            Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  18829                891718              43965       31160          9292             37988              733720576        54852               8         31907840          6776       49                      568                  62                          578                      73                  317505             1                                   13           66093750      719044608      10.0.15063      28442624        24                   2124
jucheck.exe                "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Win32_Process      20170926011711.378677-420  Win32_ComputerSystem  DESKTOP-096M4E5  jucheck.exe                C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe                                              5204    337                       8906250         1380                   200                    jucheck.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  8914                 318722              5841        3008           9328             4136               164290560        14364               8         3080192           5204       17                      221                  21                          304                      28                  3816331            1                                   4            3437500       112799744      10.0.15063      12767232        43                   17196
AsusWSService.exe          "C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSService.exe"  MySyncFolder                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   Win32_Process      20170926011722.352105-420  Win32_ComputerSystem  DESKTOP-096M4E5  AsusWSService.exe          C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSService.exe                                            8268    739                       1160625000      1380                   200                    AsusWSService.exe          Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  958942               4607209             1738710     32372          6776             40100              703868928        53836               8         33148928          8268       45                      525                  127                         533                      97342               6554017334         1                                   22           370156250     692207616      10.0.15063      36720640        5808                 376122
svchost.exe                c:\windows\system32\svchost.exe -k netsvcs -s lfsvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Win32_Process      20170926011921.280554-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               10004   420                       9687500         1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1706                 29794               8079        3560           916              4388               2199109967872    17632               8         3645440           10004      19                      153                  23                          162                      6                   1692               0                                   6            5312500       2199097905152  10.0.15063      15269888        4                    1036
chrome.exe                 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926023534.773359-420  Win32_ComputerSystem  DESKTOP-096M4E5  chrome.exe                 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe                                                   8896    2302                      4166562500      1380                   200                    chrome.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  463805               460252590           1293882     221088         5984             1058272            2235623002112    1088984             8         226394112         8896       117                     1131                 758                         1400                     1472860             1910469909         1                                   54           5295781250    2235533955072  10.0.15063      206016512       1811451              3831837858
chrome.exe                 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\ASUSUSER\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\ASUSUSER\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=60.0.3112.113 --initial-client-data=0x1dc,0x1e0,0x1e4,0x1d8,0x1e8,0x7ff964a229b8,0x7ff964a229f8,0x7ff964a229d0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Win32_Process      20170926023535.509626-420  Win32_ComputerSystem  DESKTOP-096M4E5  chrome.exe                 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe                                                   3280    206                       1406250         1380                   200                    chrome.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  927                  8504                2636        2120           8896             2152               2199129849856    9352                8         2170880           3280       12                      171                  12                          172                      112                 34165              1                                   7            312500        2199127695360  10.0.15063      8503296         65                   780
chrome.exe                 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=9824 --on-initialized-event-handle=636 --parent-handle=640 /prefetch:6                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 Win32_Process      20170926023536.163748-420  Win32_ComputerSystem  DESKTOP-096M4E5  chrome.exe                 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe                                                   4728    147                       1562500         1380                   200                    chrome.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  389                  4972                3075        3544           8896             3596               2199131627520    10176               8         3629056           4728       12                      186                  12                          187                      7                   4944344            1                                   3            0             2199129530368  10.0.15063      9121792         0                    0
chrome.exe                 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1384,6997506961021770788,6145735470147304261,131072 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,17,20,24,26,43,64,77 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x22b1 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4300 --gpu-driver-date=10-1-2015 --service-request-channel-token=892A66703791731AD33054A3ED36B0B6 --mojo-platform-channel-handle=1396 --ignored=" --type=renderer " /prefetch:2                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Win32_Process      20170926023536.449795-420  Win32_ComputerSystem  DESKTOP-096M4E5  chrome.exe                 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe                                                   932     483                       582031250       1380                   200                    chrome.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1172                 74628               2059665     161880         8896             414648             2199789223936    236280              8         165765120         932        30                      620                  41                          687                      181978              100541806          1                                   9            1450156250    2199759224832  10.0.15063      128905216       104908               20033992
chrome.exe                 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,6997506961021770788,6145735470147304261,131072 --service-pipe-token=27CCA1168CE2C42DB8EB0828006EEBA5 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=27CCA1168CE2C42DB8EB0828006EEBA5 --renderer-client-id=4 --mojo-platform-channel-handle=2748 /prefetch:1                                               Win32_Process      20170926023536.977779-420  Win32_ComputerSystem  DESKTOP-096M4E5  chrome.exe                 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe                                                   8224    268                       4843750         1380                   200                    chrome.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  620                  28694               66547       36536          8896             38860              2199826092032    37412               8         37412864          8224       24                      364                  24                          364                      8132                64058788           1                                   12           37187500      2199826092032  10.0.15063      23019520        15127                4379924
cmd.exe                    C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.99941073c902a12b > \\.\pipe\chrome.nativeMessaging.out.99941073c902a12b                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       Win32_Process      20170926023538.477701-420  Win32_ComputerSystem  DESKTOP-096M4E5  cmd.exe                    C:\WINDOWS\system32\cmd.exe                                                                                   10308   42                        156250          1380                   200                    cmd.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  101                  1328                941         2964           8896             3992               2199042600960    3024                8         3035136           10308      4                       27                   4                           28                       1                   2461               1                                   2            0             2199041552384  10.0.15063      2248704         0                    0
conhost.exe                \??\C:\WINDOWS\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926023538.610840-420  Win32_ComputerSystem  DESKTOP-096M4E5  conhost.exe                C:\WINDOWS\system32\conhost.exe                                                                               10320   128                       1093750         1380                   200                    conhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  186                  3202                3163        5692           10308            5796               2199124492288    11708               8         5828608           10320      10                      188                  11                          188                      0                   0                  1                                   4            156250        2199123968000  10.0.15063      6942720         0                    0
McChHost.exe               "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe"  chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     Win32_Process      20170926023538.745231-420  Win32_ComputerSystem  DESKTOP-096M4E5  McChHost.exe               C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe                                                        10352   303                       8437500         1380                   200                    McChHost.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  8120                 301268              8252        3596           10308            5284               122404864        13212               8         3682304           10352      16                      204                  20                          210                      35                  560637             1                                   10           6250000       112136192      10.0.15063      10911744        7                    39732
dasHost.exe                dashost.exe {36b364b3-2d43-43d7-86be55859033e18c}                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926023627.607429-420  Win32_ComputerSystem  DESKTOP-096M4E5  dasHost.exe                C:\WINDOWS\system32\dashost.exe                                                                               8880    70                        468750          1380                   200                    dasHost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  66                   142                 1287        1024           4020             1140               2199050711040    4716                8         1048576           8880       6                       42                   7                           44                       0                   0                  0                                   2            0             2199047462912  10.0.15063      4149248         0                    0
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926024013.068450-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               10368   537                       48906250        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  7731                 457902              40986       40588          5984             52636              2199397793792    98332               8         41562112          10368      69                      420                  84                          639                      5877                685744             1                                   6            28750000      2199290662912  10.0.15063      14442496        32                   85043
isa.exe                    "C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Win32_Process      20170926025516.403928-420  Win32_ComputerSystem  DESKTOP-096M4E5  isa.exe                    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe                                                 9568    220                       781250          1380                   200                    isa.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  292                  6576                4052        9524           916              9952               162168832        13560               8         9752576           9568       15                      222                  16                          223                      17                  67587              0                                   5            625000        155090944      10.0.15063      11988992        0                    0
explorer.exe               "C:\Windows\explorer.exe" /LOADSAVEDWINDOWS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Win32_Process      20170926030631.375550-420  Win32_ComputerSystem  DESKTOP-096M4E5  explorer.exe               C:\Windows\explorer.exe                                                                                       6720    4060                      11524687500     1380                   200                    explorer.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1145372              201211649           1712628     194248         9596             209660             2203518791680    232432              8         198909952         6720       318                     1439                 361                         7514                     1188863             352326034          1                                   181          18578750000   2200357187584  10.0.15063      186683392       184168               54174288
ShellExperienceHost.exe    "C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926030633.130954-420  Win32_ComputerSystem  DESKTOP-096M4E5  ShellExperienceHost.exe    C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe                               2716    1719                      133750000       1380                   200                    ShellExperienceHost.exe    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6875                 192086              769773      65904          608              68548              2199511166976    107468              8         67485696          2716       48                      951                  54                          1404                     575                 11701741           1                                   38           333593750     2199481020416  10.0.15063      56664064        344                  83641
rundll32.exe               C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         Win32_Process      20170926030828.711946-420  Win32_ComputerSystem  DESKTOP-096M4E5  rundll32.exe               C:\WINDOWS\System32\rundll32.exe                                                                              9264    136                       1250000         1380                   200                    rundll32.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  58                   208                 2875        1772           608              2204               2199111917568    9232                8         1814528           9264       10                      163                  11                          169                      1                   4164               1                                   2            312500        2199108247552  10.0.15063      7909376         0                    0
ApplicationFrameHost.exe   C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926030902.993749-420  Win32_ComputerSystem  DESKTOP-096M4E5  ApplicationFrameHost.exe   C:\WINDOWS\system32\ApplicationFrameHost.exe                                                                  4756    571                       62656250        1380                   200                    ApplicationFrameHost.exe   Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  588                  12086               104898      16480          608              21504              2199221088256    39136               8         16875520          4756       28                      382                  34                          434                      129                 32573              1                                   5            44375000      2199208148992  10.0.15063      32227328        0                    0
rundll32.exe               C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {515980c3-57fe-4c1e-a561-730dd256ab98} -Embedding                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         Win32_Process      20170926031032.118168-420  Win32_ComputerSystem  DESKTOP-096M4E5  rundll32.exe               C:\WINDOWS\System32\rundll32.exe                                                                              7116    319                       7656250         1380                   200                    rundll32.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  639                  7204                9227        7544           608              8724               2199222136832    27184               8         7725056           7116       20                      348                  22                          358                      19                  52692              1                                   5            4687500       2199214002176  10.0.15063      24731648        1                    160
svchost.exe                c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926031258.905153-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               10080   201                       781250          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  177                  5936                3002        2408           916              2912               2199078096896    9372                8         2465792           10080      12                      86                   14                          87                       0                   0                  0                                   6            1093750       2199073013760  10.0.15063      8511488         0                    0
svchost.exe                c:\windows\system32\svchost.exe -k localservice -s SstpSvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           Win32_Process      20170926031259.012854-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                c:\windows\system32\svchost.exe                                                                               11124   114                       937500          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  91                   1112                1970        1568           916              1832               2199069515776    6952                8         1605632           11124      10                      74                   11                          75                       0                   0                  0                                   2            312500        2199065841664  10.0.15063      6176768         0                    0
chrome.exe                 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,6997506961021770788,6145735470147304261,131072 --disable-databases --service-pipe-token=D2909EDA435B88621367F00577BDDD12 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=D2909EDA435B88621367F00577BDDD12 --renderer-client-id=23 --mojo-platform-channel-handle=7296 /prefetch:1                                              Win32_Process      20170926031333.661824-420  Win32_ComputerSystem  DESKTOP-096M4E5  chrome.exe                 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe                                                   9304    334                       98593750        1380                   200                    chrome.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  535                  28802               1156100     239708         8896             303560             2200740294656    310924              4         245460992         9304       68                      481                  80                          536                      32639               72075472           1                                   13           3459531250    2200163655680  10.0.15063      198180864       49383                29213284
McAfee Safe Connect.exe    "C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 Win32_Process      20170926031341.168740-420  Win32_ComputerSystem  DESKTOP-096M4E5  McAfee Safe Connect.exe    C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe                                            9180    702                       39531250        1380                   200                    McAfee Safe Connect.exe    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  11311                519338              181040      58232          5452             68848              503324672        326908              8         59629568          9180       52                      719                  57                          734                      210                 574463             1                                   15           67500000      494870528      10.0.15063      252989440       161                  18836
Taskmgr.exe                "C:\WINDOWS\System32\Taskmgr.exe" /3                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 Win32_Process      20170926033329.288222-420  Win32_ComputerSystem  DESKTOP-096M4E5  Taskmgr.exe                C:\WINDOWS\System32\Taskmgr.exe                                                                               10236   673                       2054687500      1380                   200                    Taskmgr.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  188919               14595946            156980      25800          6948             35728              2199394095104    70888               8         26419200          10236      34                      555                  46                          741                      2568                254500             1                                   17           1285937500    2199292903424  10.0.15063      51429376        11835                335088793
svchost.exe                C:\WINDOWS\system32\svchost.exe -k SDRSVC                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926033412.186649-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\system32\svchost.exe                                                                               3632    160                       781250          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  389                  3498                4017        2004           916              3432               2199107768320    10264               6         2052096           3632       11                      143                  12                          145                      0                   0                  0                                   3            625000        2199103033344  10.0.15063      5918720         0                    0
cmd.exe                    "C:\WINDOWS\system32\cmd.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926033554.952522-420  Win32_ComputerSystem  DESKTOP-096M4E5  cmd.exe                    C:\WINDOWS\system32\cmd.exe                                                                                   9668    41                        468750          1380                   200                    cmd.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  157                  1750                952         3148           6720             4176               2199046901760    3324                8         3223552           9668       5                       35                   5                           36                       1                   2557               1                                   2            0             2199045853184  10.0.15063      2949120         0                    0
conhost.exe                \??\C:\WINDOWS\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926033555.083635-420  Win32_ComputerSystem  DESKTOP-096M4E5  conhost.exe                C:\WINDOWS\system32\conhost.exe                                                                               9344    227                       31718750        1380                   200                    conhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6808                 379250              91905       8068           9668             11972              2199157571584    28172               8         8261632           9344       13                      204                  14                          220                      18                  14021              1                                   4            7656250       2199148650496  10.0.15063      13578240        0                    0
chrome.exe                 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,6997506961021770788,6145735470147304261,131072 --disable-databases --service-pipe-token=DFC4161D73935CF7701BDF786DD66EA1 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=DFC4161D73935CF7701BDF786DD66EA1 --renderer-client-id=57 --mojo-platform-channel-handle=6500 /prefetch:1                                              Win32_Process      20170926033632.508420-420  Win32_ComputerSystem  DESKTOP-096M4E5  chrome.exe                 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe                                                   3388    358                       27656250        1380                   200                    chrome.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  560                  28800               197333      65380          8896             155080             2199998382080    179528              4         66949120          3388       38                      418                  53                          460                      15128               68364504           1                                   14           416093750     2199943188480  10.0.15063      74747904        21801                13844924
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926033913.871828-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               10140   534                       44062500        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6505                 470446              40440       40340          6720             53412              2199376515072    99032               8         41308160          10140      69                      420                  83                          592                      5035                580466             1                                   7            25000000      2199291154432  10.0.15063      50941952        15                   1837
svchost.exe                C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Win32_Process      20170926033939.538619-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\System32\svchost.exe                                                                               6352    139                       468750          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  127                  430                 1924        1620           916              2192               2199071997952    6952                8         1658880           6352       10                      78                   11                          78                       0                   0                  0                                   4            312500        2199067803648  10.0.15063      6287360         0                    0
SystemSettings.exe         "C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Win32_Process      20170926034044.022882-420  Win32_ComputerSystem  DESKTOP-096M4E5  SystemSettings.exe         C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe                                                           5372    780                       47343750        1380                   200                    SystemSettings.exe         Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  7605                 251184              76893       26788          608              28444              2199428595712    79672               8         27430912          5372       37                      865                  41                          948                      15                  11223              1                                   20           91093750      2199404208128  10.0.15063      56541184        3                    344
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926034146.332638-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               8116    541                       68906250        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  10356                802764              53543       44908          6720             57216              2199389114368    102712              8         45985792          8116       70                      422                  83                          620                      9599                982430             1                                   8            43437500      2199294930944  10.0.15063      53264384        15                   1834
cmd.exe                    "C:\WINDOWS\system32\cmd.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926034257.210524-420  Win32_ComputerSystem  DESKTOP-096M4E5  cmd.exe                    C:\WINDOWS\system32\cmd.exe                                                                                   2992    41                        156250          1380                   200                    cmd.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  148                  1522                940         3144           6720             3144               2199045853184    3340                8         3219456           2992       5                       35                   5                           36                       0                   0                  1                                   2            156250        2199045853184  10.0.15063      2916352         0                    0
conhost.exe                \??\C:\WINDOWS\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926034257.249033-420  Win32_ComputerSystem  DESKTOP-096M4E5  conhost.exe                C:\WINDOWS\system32\conhost.exe                                                                               1236    227                       20468750        1380                   200                    conhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1857                 93384               4784        6368           2992             6572               2199144697856    18320               8         6520832           1236       13                      204                  14                          206                      17                  7267               1                                   4            2968750       2199143645184  10.0.15063      13504512        0                    0
cmd.exe                    "C:\WINDOWS\system32\cmd.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926034435.481490-420  Win32_ComputerSystem  DESKTOP-096M4E5  cmd.exe                    C:\WINDOWS\system32\cmd.exe                                                                                   5640    41                        312500          1380                   200                    cmd.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  216                  2532                1025        3144           6720             3144               2199045853184    3344                8         3219456           5640       5                       35                   5                           36                       0                   0                  1                                   2            156250        2199045853184  10.0.15063      2912256         0                    0
conhost.exe                \??\C:\WINDOWS\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926034435.518243-420  Win32_ComputerSystem  DESKTOP-096M4E5  conhost.exe                C:\WINDOWS\system32\conhost.exe                                                                               9364    227                       31093750        1380                   200                    conhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  5992                 338610              6364        7936           5640             11744              2199150366720    20024               8         8126464           9364       13                      204                  14                          206                      17                  7267               1                                   4            6093750       2199147077632  10.0.15063      13762560        0                    0
MicrosoftEdge.exe          "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   Win32_Process      20170926035038.989578-420  Win32_ComputerSystem  DESKTOP-096M4E5  MicrosoftEdge.exe          C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe                                 11068   1532                      79531250        1380                   200                    MicrosoftEdge.exe          Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6152                 101888              146662      45740          608              52684              2199528140800    105932              8         46837760          11068      60                      998                  68                          1206                     2188                5956500            1                                   32           145156250     2199494705152  10.0.15063      80875520        3058                 3724085
browser_broker.exe         C:\WINDOWS\system32\browser_broker.exe -Embedding                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926035039.338728-420  Win32_ComputerSystem  DESKTOP-096M4E5  browser_broker.exe         C:\WINDOWS\system32\browser_broker.exe                                                                        7312    379                       2187500         1380                   200                    browser_broker.exe         Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  611                  11378               4855        3092           608              3668               2199141404672    17384               8         3166208           7312       16                      225                  19                          231                      54                  489605             1                                   4            1093750       2199136968704  10.0.15063      16400384        2                    157130
MicrosoftEdgeCP.exe        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926035040.163949-420  Win32_ComputerSystem  DESKTOP-096M4E5  MicrosoftEdgeCP.exe        C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe                               2232    391                       16562500        1380                   200                    MicrosoftEdgeCP.exe        Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  515                  2904                72576       6588           608              11964              2233547358208    30244               8         6746112           2232       20                      267                  26                          275                      1                   50565              1                                   12           64218750      2233538842624  10.0.15063      22847488        0                    0
MicrosoftEdgeCP.exe        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926035108.751886-420  Win32_ComputerSystem  DESKTOP-096M4E5  MicrosoftEdgeCP.exe        C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe                               11392   960                       109218750       1380                   200                    MicrosoftEdgeCP.exe        Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  9825                 830388              226192      88912          608              137540             2234195296256    180056              8         91045888          11392      82                      1121                 150                         1276                     750                 5654449            1                                   36           470468750     2234145497088  10.0.15063      67829760        563                  7199969
MicrosoftEdgeCP.exe        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926035114.109390-420  Win32_ComputerSystem  DESKTOP-096M4E5  MicrosoftEdgeCP.exe        C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe                               11624   861                       11406250        1380                   200                    MicrosoftEdgeCP.exe        Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1523                 40269               32242       60888          608              67364              2234328408064    92012               8         62349312          11624      61                      1611                 118                         1620                     40                  1078609            1                                   38           19062500      2234319052800  10.0.15063      49147904        33                   618394
MicrosoftEdgeCP.exe        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926035446.642107-420  Win32_ComputerSystem  DESKTOP-096M4E5  MicrosoftEdgeCP.exe        C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe                               11348   888                       29843750        1380                   200                    MicrosoftEdgeCP.exe        Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3471                 207702              60457       53776          608              62076              2234089402368    99508               8         55066624          11348      51                      1078                 87                          1140                     187                 790618             1                                   34           33437500      2234070360064  10.0.15063      63787008        128                  640169
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926035455.554161-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               944     560                       72343750        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  8724                 535954              42505       38236          6720             59784              2199400206336    98124               8         39153664          944        70                      470                  85                          642                      5352                780416             1                                   8            36562500      2199309545472  10.0.15063      51507200        33                   139846
cmd.exe                    "C:\WINDOWS\system32\cmd.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926035541.216314-420  Win32_ComputerSystem  DESKTOP-096M4E5  cmd.exe                    C:\WINDOWS\system32\cmd.exe                                                                                   10048   41                        1406250         1380                   200                    cmd.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1116                 19328               1175        3044           6720             3160               2199045853184    3380                8         3117056           10048      5                       35                   5                           36                       0                   0                  1                                   2            156250        2199045853184  10.0.15063      3112960         0                    0
conhost.exe                \??\C:\WINDOWS\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926035541.255454-420  Win32_ComputerSystem  DESKTOP-096M4E5  conhost.exe                C:\WINDOWS\system32\conhost.exe                                                                               8428    227                       105937500       1380                   200                    conhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  27468                1821299             24923       8248           10048            12308              2199154397184    27100               8         8445952           8428       13                      204                  14                          221                      17                  7267               1                                   4            19218750      2199147073536  10.0.15063      14671872        0                    0
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mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926035740.551362-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               8448    535                       44687500        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  7798                 523046              40215       40408          6720             53060              2199398887424    99816               8         41377792          8448       69                      422                  84                          641                      5839                698478             1                                   6            25156250      2199290712064  10.0.15063      50159616        32                   113235
cmd.exe                    "C:\WINDOWS\system32\cmd.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926035907.150650-420  Win32_ComputerSystem  DESKTOP-096M4E5  cmd.exe                    C:\WINDOWS\system32\cmd.exe                                                                                   4524    41                        468750          1380                   200                    cmd.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  147                  1524                916         3152           6720             3152               2199045853184    3208                8         3227648           4524       5                       35                   5                           36                       0                   0                  1                                   2            0             2199045853184  10.0.15063      2822144         0                    0
conhost.exe                \??\C:\WINDOWS\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926035907.195248-420  Win32_ComputerSystem  DESKTOP-096M4E5  conhost.exe                C:\WINDOWS\system32\conhost.exe                                                                               12232   227                       19062500        1380                   200                    conhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  5704                 316464              4815        6428           4524             6640               2199144701952    18464               8         6582272           12232      13                      204                  14                          206                      17                  7267               1                                   4            3750000       2199143649280  10.0.15063      13651968        0                    0
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926040417.508494-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               12188   551                       41718750        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6786                 419726              41856       37784          6720             49812              2199399546880    97440               8         38690816          12188      70                      421                  84                          623                      5298                707128             1                                   8            26250000      2199288508416  10.0.15063      50978816        32                   123298
dllhost.exe                C:\WINDOWS\system32\DllHost.exe /Processid:{448AEE3B-DC65-4AF6-BF5F-DCE86D62B6C7}                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926040806.680970-420  Win32_ComputerSystem  DESKTOP-096M4E5  dllhost.exe                C:\WINDOWS\system32\DllHost.exe                                                                               1724    322                       574218750       1380                   200                    dllhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1181                 7578                8829        6016           608              6868               2199247110144    28588               8         6160384           1724       22                      356                  26                          398                      17                  52012              1                                   5            12031250      2199221284864  10.0.15063      26624000        3                    480
MicrosoftEdgeCP.exe        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926040856.316882-420  Win32_ComputerSystem  DESKTOP-096M4E5  MicrosoftEdgeCP.exe        C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe                               4224    911                       35625000        1380                   200                    MicrosoftEdgeCP.exe        Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3557                 190945              69046       56752          608              78688              2234094559232    114448              8         58114048          4224       56                      1104                 120                         1188                     122                 768142             1                                   34           61406250      2234073952256  10.0.15063      60608512        83                   545295
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926040937.660784-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               3656    529                       48125000        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6992                 430648              40371       40116          6720             52492              2199369474048    99576               8         41078784          3656       69                      418                  83                          584                      5223                722594             1                                   6            28906250      2199282262016  10.0.15063      51269632        32                   148942
MicrosoftEdgeCP.exe        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926041130.435448-420  Win32_ComputerSystem  DESKTOP-096M4E5  MicrosoftEdgeCP.exe        C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe                               11120   889                       50000000        1380                   200                    MicrosoftEdgeCP.exe        Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  2293                 131208              88228       53564          608              62724              2234080841728    103824              8         54849536          11120      53                      1087                 79                          1153                     123                 763461             1                                   34           90000000      2234066481152  10.0.15063      67538944        29                   307265
cmd.exe                    "C:\WINDOWS\system32\cmd.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926041437.543844-420  Win32_ComputerSystem  DESKTOP-096M4E5  cmd.exe                    C:\WINDOWS\system32\cmd.exe                                                                                   11972   41                        1250000         1380                   200                    cmd.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1065                 11774               1776        3020           6720             3276               2199045853184    3380                8         3092480           11972      5                       35                   5                           36                       1                   2470               1                                   2            156250        2199045853184  10.0.15063      3211264         0                    0
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notepad.exe                "C:\WINDOWS\system32\notepad.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926041512.873451-420  Win32_ComputerSystem  DESKTOP-096M4E5  notepad.exe                C:\WINDOWS\system32\notepad.exe                                                                               2796    218                       17187500        1380                   200                    notepad.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  157                  174                 4229        2844           6720             3380               2199193427968    15644               8         2912256           2796       14                      291                  15                          300                      2                   8575               1                                   2            4687500       2199186599936  10.0.15063      15204352        0                    0
dllhost.exe                C:\WINDOWS\system32\DllHost.exe /Processid:{448AEE3B-DC65-4AF6-BF5F-DCE86D62B6C7}                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926041958.972481-420  Win32_ComputerSystem  DESKTOP-096M4E5  dllhost.exe                C:\WINDOWS\system32\DllHost.exe                                                                               6988    344                       32812500        1380                   200                    dllhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  773                  4582                87139       6108           608              6744               2199249567744    37092               8         6254592           6988       23                      368                  26                          399                      16                  77334              1                                   5            6406250       2199228248064  10.0.15063      27049984        1                    160
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926042359.163426-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               5664    550                       93281250        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  11184                920418              57506       37852          6720             49584              2199405293568    97120               8         38760448          5664       70                      472                  85                          653                      10229               1123703            1                                   9            52968750      2199311732736  10.0.15063      53743616        32                   156352
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SearchUI.exe               "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Win32_Process      20170926043019.194374-420  Win32_ComputerSystem  DESKTOP-096M4E5  SearchUI.exe               C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe                                    12328   884                       7968750         1380                   200                    SearchUI.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1631                 23901               31363       47484          608              56648              2234148200448    100148              8         48623616          12328      56                      681                  65                          720                      267                 2151206            1                                   34           14218750      2234119106560  10.0.15063      59478016        23                   136645
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926043140.719112-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               2916    541                       47343750        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  7497                 529336              39877       39924          6720             52292              2199387762688    99748               8         40882176          2916       68                      411                  82                          620                      5807                700556             1                                   8            27500000      2199284281344  10.0.15063      51507200        32                   120793
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926043343.897399-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               9696    588                       128125000       1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  19078                2015870             63526       45576          6720             58220              2199432429568    107256              8         46669824          9696       71                      433                  84                          698                      14937               1870457            1                                   9            77031250      2199296512000  10.0.15063      54906880        67                   419315
audiodg.exe                C:\WINDOWS\system32\AUDIODG.EXE 0x528                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926043450.226798-420  Win32_ComputerSystem  DESKTOP-096M4E5  audiodg.exe                C:\WINDOWS\system32\AUDIODG.EXE                                                                               680     811                       114843750       35212                  34032                  audiodg.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  4368                 118880              43289       33092          2084             33864              2199126290432    37924               8         33886208          680        19                      130                  20                          133                      1                   7332               0                                   17           2435625000    2199123656704  10.0.15063      30748672        0                    0
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926045020.978428-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               11568   563                       51875000        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  9226                 505810              41373       41468          6720             54284              2199440244736    103472              8         42463232          11568      70                      429                  86                          727                      5622                738613             1                                   8            29375000      2199293190144  10.0.15063      60489728        34                   124783
cmd.exe                    "C:\WINDOWS\system32\cmd.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926045132.970427-420  Win32_ComputerSystem  DESKTOP-096M4E5  cmd.exe                    C:\WINDOWS\system32\cmd.exe                                                                                   5760    42                        625000          1380                   200                    cmd.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  354                  3682                1104        3084           6720             3144               2199045853184    3288                8         3158016           5760       4                       35                   5                           36                       1                   2412               1                                   2            156250        2199045853184  10.0.15063      3346432         0                    0
conhost.exe                \??\C:\WINDOWS\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926045133.104303-420  Win32_ComputerSystem  DESKTOP-096M4E5  conhost.exe                C:\WINDOWS\system32\conhost.exe                                                                               6824    228                       9843750         1380                   200                    conhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  501                  17062               4894        6400           5760             6604               2199144681472    18680               8         6553600           6824       13                      205                  14                          206                      18                  17141              1                                   4            2500000       2199143632896  10.0.15063      14798848        0                    0
consent.exe                consent.exe 6168 288 000002186DE3BDC0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926045222.104637-420  Win32_ComputerSystem  DESKTOP-096M4E5  consent.exe                c:\windows\system32\consent.exe                                                                               1052    275                       1718750         1380                   200                    consent.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  362                  9884                3901        3304           6168             3508               2199159246848    13188               13        3383296           1052       14                      221                  14                          268                      2                   298839             1                                   6            1093750       2199133528064  10.0.15063      12398592        0                    0
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926045955.804830-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               7080    530                       51093750        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6895                 437784              40326       36760          6720             48520              2199384887296    95508               8         37642240          7080       69                      419                  83                          611                      5125                699284             1                                   6            26718750      2199286390784  10.0.15063      79241216        32                   128496
notepad.exe                "C:\WINDOWS\system32\notepad.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926050147.496748-420  Win32_ComputerSystem  DESKTOP-096M4E5  notepad.exe                C:\WINDOWS\system32\notepad.exe                                                                               9616    218                       22656250        1380                   200                    notepad.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  168                  594                 10471       2836           6720             3284               2199197614080    23600               8         2904064           9616       13                      291                  15                          308                      2                   8813               1                                   2            5468750       2199186595840  10.0.15063      16433152        0                    0
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926050218.660313-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               12964   544                       43281250        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  6602                 548076              39328       40992          6720             52964              2199394689024    100432              8         41975808          12964      70                      423                  83                          636                      5035                648046             1                                   9            24218750      2199292243968  10.0.15063      83865600        32                   75636
nslookup.exe               NSLOOKUP                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Win32_Process      20170926051843.054468-420  Win32_ComputerSystem  DESKTOP-096M4E5  nslookup.exe               C:\WINDOWS\system32\nslookup.exe                                                                              12356   100                       468750          1380                   200                    nslookup.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  170                  5040                1529        1540           5760             1656               2199073546240    5764                8         1576960           12356      8                       92                   8                           93                       2                   9                  1                                   2            0             2199071449088  10.0.15063      5844992         17                   265
cmd.exe                    "C:\WINDOWS\system32\cmd.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Win32_Process      20170926051939.908804-420  Win32_ComputerSystem  DESKTOP-096M4E5  cmd.exe                    C:\WINDOWS\system32\cmd.exe                                                                                   5268    42                        1875000         1380                   200                    cmd.exe                    Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1346                 14896               2205        3204           6720             4164               2199046795264    3412                8         3280896           5268       4                       35                   5                           36                       0                   0                  1                                   2            0             2199045853184  10.0.15063      3338240         0                    0
conhost.exe                \??\C:\WINDOWS\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Win32_Process      20170926051939.930353-420  Win32_ComputerSystem  DESKTOP-096M4E5  conhost.exe                C:\WINDOWS\system32\conhost.exe                                                                               10664   269                       130156250       1380                   200                    conhost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  10806                718491              20471       9244           5268             12448              2199156015104    28608               8         9465856           10664      16                      220                  18                          221                      18                  197615             1                                   7            14687500      2199150477312  10.0.15063      23113728        0                    0
chrome.exe                 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,6997506961021770788,6145735470147304261,131072 --disable-databases --service-pipe-token=451372F4F5332298FB73B954294BBEA5 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=451372F4F5332298FB73B954294BBEA5 --renderer-client-id=68 --mojo-platform-channel-handle=11568 /prefetch:1                                             Win32_Process      20170926052006.658060-420  Win32_ComputerSystem  DESKTOP-096M4E5  chrome.exe                 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe                                                   12516   434                       43906250        1380                   200                    chrome.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  561                  28736               294255      142708         8896             179312             2200114544640    221064              8         146132992         12516      53                      563                  68                          625                      30110               74860400           1                                   16           608437500     2200067911680  10.0.15063      171200512       46721                27806148
mspaint.exe                "C:\WINDOWS\system32\mspaint.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926052242.730662-420  Win32_ComputerSystem  DESKTOP-096M4E5  mspaint.exe                C:\WINDOWS\system32\mspaint.exe                                                                               11644   596                       46250000        1380                   200                    mspaint.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  7730                 531922              40016       41304          6720             52828              2199394172928    100312              8         42295296          11644      72                      451                  84                          634                      5830                686638             1                                   21           24687500      2199304777728  10.0.15063      84787200        32                   100826
notepad.exe                "C:\WINDOWS\system32\notepad.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Win32_Process      20170926052402.749743-420  Win32_ComputerSystem  DESKTOP-096M4E5  notepad.exe                C:\WINDOWS\system32\notepad.exe                                                                               12900   624                       53437500        1380                   200                    notepad.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  8458                 495422              29560       16884          6720             25668              2199350620160    63040               8         17289216          12900      34                      441                  46                          606                      7750                906980             1                                   23           29218750      2199261646848  10.0.15063      54362112        24                   117916
AcroRd32.exe               "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\ASUSUSER\Desktop\DISPDIAG - SYSTEM 32 - .DAT FILE.pdf"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926053132.692573-420  Win32_ComputerSystem  DESKTOP-096M4E5  AcroRd32.exe               C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe                                            2308    388                       4531250         1380                   200                    AcroRd32.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3815                 131540              6426        8872           6720             9088               144064512        23332               8         9084928           2308       19                      249                  20                          250                      9                   10456              1                                   11           1250000       138821632      10.0.15063      23740416        0                    0
AcroRd32.exe               "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" --type=renderer /prefetch:1  "C:\Users\ASUSUSER\Desktop\DISPDIAG - SYSTEM 32 - .DAT FILE.pdf"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   Win32_Process      20170926053134.553766-420  Win32_ComputerSystem  DESKTOP-096M4E5  AcroRd32.exe               C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe                                            11792   412                       12500000        1380                   200                    AcroRd32.exe               Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  3221                 90694               18155       20936          2308             30976              248307712        54256               8         21438464          11792      44                      392                  46                          400                      1189                1778628            1                                   16           7812500       232587264      10.0.15063      45510656        241                  80713
RdrCEF.exe                 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16448250                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Win32_Process      20170926053140.681992-420  Win32_ComputerSystem  DESKTOP-096M4E5  RdrCEF.exe                 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe                                      11192   618                       5625000         1380                   200                    RdrCEF.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  1701                 22578               13338       12080          2308             14264              297525248        31896               8         12369920          11192      32                      486                  35                          504                      2496                6327804            1                                   28           8281250       284737536      10.0.15063      32210944        1361                 1328879
RdrCEF.exe                 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --primordial-pipe-token=CD0AF32226C9591530E8D5A15C2D8B1E --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/17.12.20093 Chrome/59.0.3071.15" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=CD0AF32226C9591530E8D5A15C2D8B1E --renderer-client-id=2 --mojo-platform-channel-handle=1712 --allow-no-sandbox-job /prefetch:1  Win32_Process      20170926053142.552173-420  Win32_ComputerSystem  DESKTOP-096M4E5  RdrCEF.exe                 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe                                      10988   287                       3437500         1380                   200                    RdrCEF.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  354                  26548               44420       44884          11192            60604              297324544        64360               8         45961216          10988      34                      356                  35                          365                      640                 333136             1                                   15           36250000      293191680      10.0.15063      55386112        680                  165916
RdrCEF.exe                 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --primordial-pipe-token=BBF56939A73DC795EBABCF1B9D3906BF --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/17.12.20093 Chrome/59.0.3071.15" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=BBF56939A73DC795EBABCF1B9D3906BF --renderer-client-id=3 --mojo-platform-channel-handle=2144 --allow-no-sandbox-job /prefetch:1  Win32_Process      20170926053144.924098-420  Win32_ComputerSystem  DESKTOP-096M4E5  RdrCEF.exe                 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe                                      13204   279                       3281250         1380                   200                    RdrCEF.exe                 Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  344                  26548               37759       45340          11192            47500              275873792        54904               8         46428160          13204      31                      356                  34                          357                      451                 133284             1                                   14           30312500      275349504      10.0.15063      54571008        487                  101968
svchost.exe                C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Win32_Process      20170926053431.611795-420  Win32_ComputerSystem  DESKTOP-096M4E5  svchost.exe                C:\WINDOWS\system32\svchost.exe                                                                               12724   148                       625000          1380                   200                    svchost.exe                Win32_OperatingSystem  Microsoft Windows 10 Home|C:\WINDOWS|\Device\Harddisk0\Partition3  67                   790                 1907        1656           916              1872               2199073173504    6940                8         1695744           12724      9                       77                   10                          78                       2                   4666               0                                   5            156250        2199069646848  10.0.15063      7016448         1                    160
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